Hello All,
Problem: Using a Splunk Deployment Server on Windows with *Nix Deployment Clients. When using a Win Deployment Server, *Nix Deployment Clients are unable to execute any .py or .sh. I assume that this is due to *Nix systems not understanding Win file permissions.
I thought I could get around this by using umask 0002 (effective permission 0755) for the splunk user on *Nix by editing the .bashrc in splunk's $HOME dir. This did not appear to fix the issue.
Temp solution: chmod -R 775 *.sh for my deployed app; however, this is great until I modify the deployment app from the deployment server and reload. Then I face the problem all over again.
Currently testing some solutions, but does anyone know how to overcome this besides running a *Nix Deployment Server or unpacking and repacking on a *Nix box before adding to the Deployment Server?
Update:
The splunk daemon runs under the splunk user context. All file system objects are owned by splunk user and splunk group.
The deployment client applies the following permissions:
folders - 700
file - 644
From the inputs.conf scripts stanza [script:///bin/sh bin/cpu.sh] or [script:///bin/sh ./bin/ps.sh] I receive errors:
ERROR FrameworkUtils - Incorrect path to script: /bin/sh. Script must be located inside $SPLUNK_HOME/bin/scripts.
ERROR ExecProcessor - Ignoring: "/bin/sh ./bin/cpu.sh"
Previous post from 2010: application-scripts-not-executable-when-deployed-via-deployment-server
I have a workaround, but I am not entirely happy about it. For this workaround to work you have to create a symbolic link to bash and use absolute paths in your inputs.conf, which can be a bit of a pain. Thanks to @jrodman for the idea of using a symbolic link.
On your *nix box:
# You will need to log in as root or with root-like permissions, depending on security.
ln -s /bin/bash /opt/splunk/bin/scripts/sh # creates the symbolic link. If you create the symbolic link in bin, Splunk will ignore the stanza at startup.
ls -ali /opt/splunk/bin/scripts # verify the link; it is owned by root or another user and needs to be owned by the user running splunkd
chown -h splunk:splunk /opt/splunk/bin/scripts/sh # changes the symbolic link's ownership to the splunk user and splunk group. Be sure to use the -h switch or you will change bash's ownership and not the link's.
ls -ali /opt/splunk/bin/scripts # verify permissions were applied correctly
ls -ali /bin # verify bash permission and ownership were not changed
Edit your inputs.conf stanza from the Windows deployment server:
[script://$SPLUNK_HOME/bin/scripts/sh $SPLUNK_HOME/etc/apps/Splunk_TA_nix/bin/cpu.sh]
Or
[script://$SPLUNK_HOME/bin/scripts/sh $SPLUNK_HOME/etc/apps/<TA/App_Name>/bin/<scripts>]
Output from splunkd.log:
12-28-2012 11:09:35.187 -0800 INFO ExecProcessor - Ran script: /opt/splunk/bin/scripts/sh /opt/splunk/etc/apps/Splunk_TA_nix/bin/cpu.sh, took 1108.7 milliseconds to run, 236 bytes read
This will need to be done for every interpreter you wish to use in scripted inputs.
I would appreciate any comments or other ideas.
Cheers,
@bmacias84, you have been a tremendous contributor, I'm offering an additional 50 points of karma for an answer to this that you accept.
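The symlink workaround from the post as a repeatable script, added here as an example that is not part of the original thread: it creates the interpreter link, changes ownership of the link only, and checks that the link still points where intended. The function names, the `--apply` flag, the numeric return codes and the group/other-writable check on the target are assumptions of this example; the paths and the splunk:splunk owner are the ones used in the post.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical.

# link_interpreter SCRIPTS_DIR NAME TARGET OWNER
# Creates SCRIPTS_DIR/NAME -> TARGET and sets the owner of the link itself.
link_interpreter() {
    dir=$1 name=$2 target=$3 owner=$4
    link="$dir/$name"
    [ -x "$target" ] || { echo "no such interpreter: $target" >&2; return 1; }
    # Never replace a real file or directory, only an existing symlink.
    if [ -e "$link" ] && [ ! -L "$link" ]; then
        echo "refusing to replace non-link: $link" >&2
        return 1
    fi
    if [ -L "$link" ]; then rm -f "$link"; fi
    ln -s "$target" "$link" || return 1
    # -h acts on the link; without it chown would change the interpreter.
    chown -h "$owner" "$link"
}

# check_interpreter SCRIPTS_DIR NAME TARGET
# 0 = ok, 1 = not a symlink, 2 = points elsewhere, 3 = target is writable
# by group or other (added check, complements the post's "ls -ali /bin").
check_interpreter() {
    link="$1/$2"
    [ -L "$link" ] || return 1
    [ "$(readlink "$link")" = "$3" ] || return 2
    # find -L follows symlinks, so the real binary's mode is tested.
    [ -z "$(find -L "$3" -prune \( -perm -020 -o -perm -002 \) -print)" ] || return 3
}

# Run as root:  sh link_interpreters.sh --apply
if [ "${1:-}" = "--apply" ]; then
    scripts_dir=/opt/splunk/bin/scripts      # path from the post
    # One "name:target" pair per interpreter used in scripted inputs.
    for pair in sh:/bin/bash; do
        n=${pair%%:*} t=${pair#*:}
        link_interpreter "$scripts_dir" "$n" "$t" splunk:splunk || exit 1
        check_interpreter "$scripts_dir" "$n" "$t" || {
            echo "check failed for $n (code $?)" >&2; exit 1; }
    done
fi
```

Running `check_interpreter` again after each deployment-server reload shows whether the link is still in place and still resolves to the intended interpreter.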